Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] the new YOU, how it works for ME? =)
  • From: Steffen Dettmer <steffen@xxxxxxx>
  • Date: Sun, 11 Feb 2001 22:09:12 +0100
  • Message-id: <20010211220912.D3051@xxxxxxxxx>
* Lenz Grimmer wrote on Sun, Feb 11, 2001 at 21:30 +0100:
> On Sun, Feb 11, Steffen Dettmer wrote:
> > Are the packages signed? Otherwise this looks like a nice security hole
> > here, since some DNS Spoofing or similar would allow an attacker to send
> > trojaned RPMs.
>
> Yes, the RPMs are signed and YaST2 will verify the signature.

Oh, that's great. Are other update packages signed too? By GPG? I
have to get the key, I assume it's avaiable via HTTPS?

oki,

Steffen

--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.

< Previous Next >
Follow Ups